Concerned about recent PAN-OS and other firewall/VPN CVEs? Take advantage of Zscaler’s special offer today
Learn More

Zscaler Blog

Get the latest Zscaler blog updates in your inbox

Subscribe
Products & Solutions

An Introduction to Zero Trust Network Access

image
CAMILLA AHLQUIST
October 01, 2020 - 3 min read
Zero Trust Architecture

Contents

  1. Article
  2. More blogs

Zero trust is more important now than ever before. With a newly mobile workforce, an increased urgency for cloud, and an increase in phishing and ransomware attacks, zero trust has become the next critical step in digital transformation for many.

In fact, according to a recent survey conducted by Microsoft, 51 percent of business leaders are accelerating their zero trust deployment, while 91 percent of companies report that they are in the process of deploying zero trust.

While the term “zero trust” has become well known, many are unfamiliar with the technology that powers the zero trust model that businesses strive to achieve. This is where zero trust network access (ZTNA) comes in.

 

intro ztna video

 

What is ZTNA?

Zero trust network access (ZTNA), also known as a software defined perimeter (SDP), is the technology that enables the secure connections behind a true zero trust model. 

Gartner defines ZTNA as a technology that “provides controlled access to resources, reducing the surface area for attack. The isolation afforded by ZTNA improves connectivity, removing the need to directly expose applications to the internet. The internet becomes an untrusted transport and access to applications occurs through an intermediary. The intermediary can be a cloud service controlled by a third-party provider or a self-hosted service.”

  Gartner, Market Guide to Zero Trust Network Access, June 2020

But what does this mean for the business? Most importantly, it means that businesses no longer have to choose between upholding security standards and delivering a fast access experience for their users. The most popular ZTNA solutions are global cloud-delivered services that bring access as close to the user as possible, regardless of their location or device. As a result, many are switching from legacy VPN infrastructure to cloud-delivered ZTNA services.

 

How is ZTNA unique?

While many vendors claim to achieve zero trust, ZTNA is differentiated from other technologies in four critical areas.

1. Users are NEVER placed on the network

Unlike technologies such as VPN, ZTNA completely isolates the act of providing application access from network access. This isolation reduces risk by keeping potentially infected devices from entering the corporate network and only grants application access to authorized users.

2. Internal apps are completely invisible

ZTNA keeps both applications and infrastructure invisible to the internet by only initiating outbound connections. Unlike VPN that makes its location known to users, ZTNA never exposes IPs to the internet, making the network dark to unwanted users and internet-based attacks.

3. Lateral movement is eliminated

ZTNA makes connections between an authorized user and a specific application on a one-to-one basis. That means IT can granularly and tactically eliminate lateral movement on the network or between applications by simply enforcing business policies. App segmentation is a native ability of ZTNA which eliminates the need to perform network segmentation.

4. The internet is used as a secure means of connectivity

ZTNA takes a user-to-application approach rather than a network-centric approach to security. The network becomes deemphasized and the internet becomes the new corporate network, leveraging end-to-end encrypted TLS micro-tunnels, dramatically reducing the need for  costly MPLS links.
 

The ultimate benefit of ZTNA

While there are many benefits to ZTNA, they all revolve around two important concepts: security and simplification. 

ZTNA makes IT’s life easier by eliminating headaches caused by traditional remote access technologies. With ZTNA, IT can have confidence knowing that their organization is secured with the highest level of zero trust access while users effortlessly connect to internal apps, allowing business to run as normal regardless of user location.

IT doesn’t need to choose between providing security or offering a good user experience. You can achieve both, but it takes the right technology. Learn more about how ZTNA has led to the success of these business executives. Read these 3 top CxO stories.

More resources:

Camilla Alhquist is a product marketing specialist at Zscaler.

form submtited
Thank you for reading

Was this post useful?

vote yes
Yes, very!
vote no
Not really

Explore more Zscaler blogs

Exceptional Customer Experiences Begin at Home
Exceptional Customer Experiences Begin at Home
Read post
The Power of Zscaler Intelligence: Generative AI and Holistic View of Risk
The Power of Zscaler Intelligence: Generative AI and Holistic View of Risk
Read post
Take Cloud Native Security to the Next Level with Integrated DLP and Threat Intel
Take Cloud Native Security to the Next Level with Integrated DLP and Threat Intel
Read post
Cloud Compliance
The Impact of Public Cloud Across Your Organization
Read post
01 / 02
dots pattern

Get the latest Zscaler blog updates in your inbox

By submitting the form, you are agreeing to our privacy policy.